Sat. May 02, 2020 - Fri. May 08, 2020

2020 Cyber Threats, Trends and Attacks

Data Breach Today

What You Don't See Now, Can Hurt You Later

214

Executive Order's Focus: Protecting Power Grid Supply Chain

Data Breach Today

Trump Bans Use of Foreign Equipment That Poses 'National Security Threat'

Declaring that threats to the United States' power grid are a national emergency, President Donald Trump is taking steps designed to help defend the grid from foreign interference by focusing on the supply chain.

Security 176
Insiders

The World Needs Hope

Adam Shostack

A New Hope, even! Happy Star Wars Day!

52
iOS XML Bug

Schneier on Security

This is a good explanation of an iOS bug that allowed someone to break out of the application sandbox. A summary: What a crazy bug, and Siguza's explanation is very cogent. Basically, it comes down to this: XML is terrible. iOS uses XML for Plists, and Plists are used everywhere in iOS (and MacOS). iOS's sandboxing system depends upon three different XML parsers, which interpret slightly invalid XML input in slightly different ways.

Access 116
Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Zoom Installers Used to Spread WebMonitor RAT

Dark Reading

Researchers warn the installers are legitimate but don't come from official sources of the Zoom app, including the Apple App Store and Google Play.

115

More Trending

Kaiji Botnet Targets Linux Servers, IoT Devices

Data Breach Today

Researchers: Malware Is Capable of Launching DDoS Attacks

Kaiji, a newly discovered botnet, is compromising Linux servers and IoT devices using brute-force methods that target the SSH protocol, according to the security firm Intezer. The botnet has the capability to launch DDoS attacks.

IoT 211
Nintendo Source Code for N64, Wii and GameCube Leaked

Data Breach Today

Nintendo Was Likely Anticipating the Dump After 2018 Intrusion

Gamers are poring over a massive leak of Nintendo data, including source code for older gaming systems, prototypes of games and extensive software and hardware documentation. The data likely dates from a 2018 network intrusion at Nintendo.

195

Analysis: The Contact-Tracing Conundrum

Data Breach Today

The latest edition of the ISMG Security Report analyzes the many challenges involved in developing and implementing contact-tracing apps to help in the battle against COVID-19. Also featured: A discussion of emerging privacy issues and a report on why account takeover fraud losses are growing.

Privacy 176
Google Android RCE Bug Allows Attacker Full Device Access

Threatpost

The vulnerability is one of 39 affecting various aspects of the mobile OS that the company fixed in a security update this week.

Access 118
15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

Google and Apple Reveal How Covid-19 Alert Apps Might Look

WIRED Threat Level

As contact tracing plans firm up, the tech giants are sharing new details for their framework—and a potential app interface.

Privacy 103
The Price of Fame? Celebrities Face Unique Hacking Threats

Dark Reading

Hackers are hitting the sports industry hard on social media and luring quarantined consumers with offers of free streaming services, a new report shows.

102

Expert released PoC exploit for CVE-2020-1967 DoS flaw in OpenSSL

Security Affairs

A proof-of-concept (PoC) exploit for the recently fixed CVE-2020-1967 denial-of-service (DoS) issue in OpenSSL has been made public. Recently, the OpenSSL Project released a security update for OpenSSL that patches a high-severity vulnerability, tracked as CVE-2020-1967, that can be exploited by attackers to launch denial-of-service (DoS) attacks. The CVE-2020-1967 vulnerability has been described as a “segmentation fault” in the SSL_check_chain function; it is the first issue addressed in Op

Libraries 142
LockBit Is the New Ransomware for Hire

WIRED Threat Level

A recent infection, which managed to plunder a company's network within hours, demonstrates why the malware has become so prevalent.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

FINRA Warns of Phishing Emails Targeting Members

Data Breach Today

Campaign Designed to Harvest Credentials of Financial Industry Regulatory Authority Members

The Financial Industry Regulatory Authority, a private organization that helps self-regulate brokerage firms and exchange markets in the U.S., warns that a "widespread, ongoing" phishing campaign is targeting its members.

Phishing 192
Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware

Krebs on Security

Fresenius, Europe’s largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit in a ransomware cyber attack on its technology systems. The company said the incident has limited some of its operations, but that patient care continues. Based in Germany, the Fresenius Group includes four independent businesses: Fresenius Medical Care, a leading provider of care to those suffering from ki

5 Pillars of a Successful Digital Transformation

AIIM

The large-scale and lasting impacts of a digital transformation will influence your company for decades to come. Going digital is not merely about adopting present practices - it is a step into the future, aligning your business model and company's methods with the format that is solidifying itself as the new standard. As with any new integration, digitalization presents its fair share of challenges.

Fake Microsoft Teams notifications aim at stealing Office365 logins

Security Affairs

Phishing attacks impersonating notifications from Microsoft Teams targeted as many as 50,000 Teams users to steal Office365 logins. Abnormal Security experts observed two separate phishing attacks impersonating notifications from Microsoft Teams that targeted as many as 50,000 Teams users to steal Office365 logins. The popularity of Microsoft Teams has spiked as a result of the smart working adopted by many organizations due to the COVID-19 pandemic.

Phishing 145
Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

GoDaddy Confirms Breach Affecting 28,000 Accounts: Report

Data Breach Today

'Unauthorized Individual' Accessed SSH File, Company Says

Web hosting giant GoDaddy confirms that a data breach has affected about 28,000 of its customers' web hosting accounts, according to a news report. The company has reset passwords and usernames for some customers as a precaution, although it says no data appears to have been altered.

Meant to Combat ID Theft, Unemployment Benefits Letter Prompts ID Theft Worries

Krebs on Security

Millions of Americans now filing for unemployment will receive benefits via a prepaid card issued by U.S. Bank, a Minnesota-based financial institution that handles unemployment payments for more than a dozen U.S. states. Some of these unemployment applications will trigger an automatic letter from U.S. Bank to the applicant. The letters are intended to prevent identity theft, but many people are mistaking these vague missives for a notification that someone has hijacked their identity.

The Hidden Benefits of the Digital Mailroom

AIIM

The concept of a digital mailroom has been around a while. The idea is pretty simple - all incoming mail is scanned on entry and delivered electronically to the appropriate department or process. In reality, only mail with business value is likely to be processed. This will predominantly be documents with a structure such as forms, orders, invoices, delivery dockets, and vouchers.

Paper 152
UK may ditch NHS contact-tracing app for Apple and Google model

The Guardian Data Protection

MPs and rights groups have warned lack of data protection could make UK app illegal

The government has left open the prospect of ditching its own contact-tracing app in favour of the “decentralised” model favoured by Apple and Google after it was revealed that a feasibility study into such a change is under way.

Privacy 135
The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Latest Phishing Campaign Spoofs Microsoft Teams Messages

Data Breach Today

Fraudsters Look to Harvest Office 365 Credentials From At-Home Employees

A recently uncovered phishing campaign is spoofing notifications from Microsoft's Teams collaboration platform in order to harvest Office 365 credentials from employees working from home offices because of the COVID-19 pandemic, according to research from Abnormal Security.

Phishing 292
The Difference Between Data Architecture and Enterprise Architecture

erwin

Although there is some crossover, there are stark differences between data architecture and enterprise architecture (EA). That’s because data architecture is actually an offshoot of enterprise architecture. In simple terms, EA provides a holistic, enterprise wide overview of an organization’s assets and processes, whereas data architecture gets into the nitty gritty.

Sales 131
Expect Few People to Read Your IIM Policy

AIIM

Too often, I hear IIM professionals complain about this issue. "People aren't reading our IIM policy," they say. "I wish our organization forced everybody to read the policy. That way they would know what the IIM requirements are." My response is always the same: Given the choice, 99% of the people in your organization will never read your IIM policy.

Kaiji, a new Linux malware targets IoT devices in the wild

Security Affairs

Security researchers spotted a new piece of DDoS bot dubbed Kaiji that is targeting IoT devices via SSH brute-force attacks. Last week, the popular security researcher MalwareMustDie and the experts at Intezer Labs spotted a new piece of malware dubbed Kaiji, that is targeting IoT devices via SSH brute-force attacks. The malicious code was designed to target Linux-based servers and Internet of Things (IoT) devices and use them as part of a DDoS botnet.

IoT 145
Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

Join us for an insightful webinar that explores the critical intersection of data privacy and AI governance. In today’s rapidly evolving tech landscape, building robust governance frameworks is essential to fostering innovation while staying compliant with regulations. Our expert speaker, Aindra Misra, will guide you through best practices for ensuring data protection while leveraging AI capabilities.

Alert: APT Groups Targeting COVID-19 Researchers

Data Breach Today

'Password-Spraying' Campaigns Aimed at Stealing Research Data, US and UK Authorities Warn

Authorities in the U.S. and U.K. are warning medical institutions, pharmaceutical companies, universities and others about "password-spraying campaigns" by advanced persistent threat groups seeking to steal COVID-19 research data. Security experts outline defensive steps that organizations can take.

Home affairs data breach may have exposed personal details of 700,000 migrants

The Guardian Data Protection

Exclusive: Privacy experts say the breach in the SkillsSelect platform, which affects data going back to 2014, was ‘very serious’

Privacy experts have blasted the home affairs department for a data breach revealing the personal details of 774,000 migrants and people aspiring to migrate to Australia, including partial names and the outcome of applications.

Report: Microsoft’s GitHub Account Gets Hacked

Threatpost

The Shiny Hunters hacking group said it stole 500 GB of data from the tech giant’s repositories on the developer platform, which it owns.

IT 143